Short Name |
HTTP:STC:CLSID:ACTIVEX:PAVPZ |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Panda ActiveScan (PAVPZ.dll) Information Disclosure |
Release Date |
2006/12/20 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects Web pages containing dangerous ActiveX Controls. A malicious Web site can exploit a known vulnerability in Panda ActiveScan and determine the presence of local files and the corresponding file sizes.
Panda ActiveScan ActiveX controls are prone to multiple remote vulnerabilities. Exploiting these issues allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control, to cause denial-of-service conditions, and to determine the existence of files on targeted computers. Successful attacks may lead to the remote compromise of affected computers. Panda ActiveScan 5.53.00 is vulnerable to these issues; other versions may also be affected.